System and Method for Security Planning with Soft Security Constraints

1. A method for security planning with soft security constraints, comprising: receiving security-related requirements and a desired output; generating a plurality of different workflows according to the security-related requirements and desired output, wherein a workflow satisfies soft security constraints and includes a plurality of components, the components comprising software resident on a plurality of computers connected over a network, the components configured to produce the desired output; presenting the workflows and a risk estimate of each workflow's execution to a user; and receiving a selection from the user, wherein the selection identifies a workflow to be executed and the selection is not precluded by any level of the risk estimates, wherein the method is performed using a processor, wherein at least one of the components is described by an action and the security-related requirements comprise a policy constraint in the action description of the at least one component, wherein generating the workflows according to the security-related requirements, comprises translating the security-related requirements into Fuzzy multi-level security (MLS) access class labels and translating the Fuzzy MLS access class labels into Stream Processing Planning Language (SPPL) or Planning Domain Definition Language (PDDL), and wherein several MLS labels with different associated risk values are generated for a Fuzzy MLS access class label, and translated to a single planning problem represented in SPPL or PDDL.

2. The method of claim 1 , wherein the workflows are generated using a planning algorithm.

3. The method of claim 2 , wherein the planning algorithm receives a planning task in PDDL or SPPL format.

4. The method of claim 1 , wherein a risk estimate is computed in accordance with a Fuzzy MLS model.

5. The method of claim 1 , further comprising: recording information associated with the user's workflow selection.

6. The method of claim 5 , wherein the information includes a name of the user, the selected workflow, the risk-estimate of the selected workflow's execution or the security-related requirements.

7. The method of claim 5 , further comprising: executing the selected workflow.

8. A computer program product for security planning with soft security constraints, the computer program product comprising: a non-transitory program storage device having computer readable program code embodied therewith, the computer readable program code comprising: computer readable program code for receiving security-related requirements and a desired output; computer readable program code for generating a plurality of different workflows according to the security-related requirements and desired output, wherein a workflow satisfies soft security constraints and includes a plurality of components, the components comprising software resident on a plurality of computers connected over a network, the components configured to produce the desired output; computer readable program code for presenting the workflows and a risk estimate of each workflow's execution to a user; and computer readable program code for receiving a selection from the user, wherein the selection identifies a workflow to be executed and the user's selection is not precluded by any level of the risk estimates, wherein at least one of the components is described by an action and the security-related requirements comprise a policy constraint in the action description of the at least one component, wherein the computer readable program code for generating the workflows according to the security-related requirements is further configured to: translate the security-related requirements into Fuzzy multi-level security (MLS) access class labels; and translate the Fuzzy MLS access class labels into Planning Domain Definition Language (PDDL) or Stream Processing Planning Language (SPPL), and wherein several MLS labels with different associated risk values are generated for a Fuzzy MLS access class label, and translated to a single planning problem represented in SPPL or PDDL.

9. The computer program product of claim 8 , further comprising: computer readable program code for recording information associated with the user's workflow selection.

10. The computer program product of claim 9 , further comprising: computer readable program code for executing the selected workflow.

11. A method for security planning with security constraints, comprising: receiving from a user security-related requirements and a desired output; constructing a planning task description based on the security-related requirements and desired output; invoking a planner to build a plurality of different workflows based on the planning task description; constructing user-accessible descriptions of the workflows; presenting the user-accessible descriptions and risk estimates of each workflow's execution to the user; receiving a selection from the user, wherein the selection identifies a workflow to be executed and the user's selection is not precluded by any level of the risk estimates; recording information associated with the user's workflow selection; and executing the workflow selected by the user, wherein the selected workflow includes a plurality of components, the components comprising software resident on a plurality of computers connected over a network, the components configured to produce the desired output, wherein the method is performed using a processor, wherein at least one of the components is described by an action and the security-related requirements comprise a policy constraint in the action description of the at least one component, wherein constructing the planning task description based on the security-related requirements comprises translating the security-related requirements into Fuzzy multi-level security (MLS) access class labels, and translating the Fuzzy MLS access class labels into Planning Domain Definition Language (PDDL) or Stream Processing Planning Language (SPPL), and wherein several MLS labels with different associated risk values are generated for a Fuzzy MLS access class label, and translated to a single planning problem represented in SPPL or PDDL.